<?php
	$ariane = array();
	
	define('RESTRICTED_ACCESS', false); // this page is safe
	require("include/includes.php");
	$template = $twig->loadTemplate('restricted.html');
	
	
	if(isset($_SESSION["restricted_user"]))
		header("Location: index.php");
		
	
	//
	// --------------------------------- LOGIN -----------------------------------
	//
	
	// Valeurs initiales
	$valueNickname_login  	= postOrCustom('nickname', '');
	$valuePassword_login 	= postOrCustom('password', '');
	$errors = Array();
	
	/// --- VALIDATION DU FORMULAIRE ---
	if(isset($_POST['submit_login']))
	{
		/*if(!verifyCsrfToken())
		{
			$errors['csrf'] = 'Security token missing!';
		}
		else // CSRF ok */
		{
			$pid=RestrictedUser::checkLogin($valueNickname_login, $valuePassword_login);
			if($pid===false)
			{
				$errors['badLogin'] = 'Invalid login or password';
				$_SESSION['badLogin'] = 'Invalid login or password';
				//$pid=1; //DEBUG
			}
			//var_dump($pid);
			//var_dump($errors);
			//var_dump($valueNickname_login);
			//var_dump($valuePassword_login);
			//die();
		}
		// Traitement des données (si aucune erreur)
		// Note: Si le joueur est banni, il PEUT se connecter, mais ne pourra pas faire d'action
		if(empty($errors))
		{
			$player = new RestrictedUser($pid);
			$_SESSION['restricted_user'] = $player;
			header("Location: index.php");
		}
		
		//var_dump($errors);
	}
		
	$template->display(array(
		'pageTitle' => 'Index',
		'meta_description' => 'The site of all records on Crash Team Racing trial time !'
	));

?>